Skip to main content
SpringerLink
Log in

Secure Biometric-Based Authentication for Cloud Computing

  • Conference paper
Cloud Computing and Services Science (CLOSER 2012)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 367))

Included in the following conference series:

Abstract

Over the past several years, many companies have gained benefits from the implementation of cloud solutions within the organization. Due to the advantages such as flexibility, mobility, and costs saving, the number of cloud users is expected to grow rapidly. Consequently, organizations need a secure way to authenticate its users in order to ensure the functionality of their services and data stored in the cloud storages are managed in a private environment. In the current approaches, the user authentication in cloud computing is based on the credentials submitted by the user such as password, token and digital certificate. Unfortunately, these credentials can often be stolen, accidentally revealed or hard to remember. In view of this, we propose a biometric-based authentication protocol to support the user authentication for the cloud environment. Our solution can be used as the second factor for the cloud users to send their authentication requests. In our design, we incorporate several players (client, service agent and service provider) to collaborate together to perform the matching operation between the query feature vector and the biometric template of the user. In particular, we consider a distributed scenario where the biometric templates are stored in the cloud storage while the user authentication is performed without the leakage of any sensitive information.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Mell, P., Grance, T.: The NIST Definition of Cloud Computing. National Instituite of Standards and Technology (2009)

    Google Scholar 

  2. Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Gener. Comput. Syst. 25, 599–616 (2009)

    Article  Google Scholar 

  3. Neuman, B.C., Ts’o, T.: Kerberos: An Authentication Service for Open Network Systems. IEEE Communications 32, 33–38 (1994)

    Article  Google Scholar 

  4. Recordon, D., Reed, D.: OpenID 2.0: a platform for user-centric identity management. In: Proceedings of the Second ACM Workshop on Digital Identity Management, pp. 11–16. ACM, Alexandria (2006)

    Chapter  Google Scholar 

  5. Lenk, A., Klems, M., Nimis, J., Tai, S., Sandholm, T.: What’s inside the Cloud? An architectural map of the Cloud landscape. In: Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing, pp. 23–31. IEEE Computer Society (2009)

    Google Scholar 

  6. Fiveash, K.: HP sells cloud vision amidst economic downpour. Will customers get soaked on transformation journeys? King’s College London (2008)

    Google Scholar 

  7. Senk, C., Dotzler, F.: Biometric Authentication as a Service for Enterprise Identity Management Deployment: A Data Protection Perspective. In: Sixth International Conference on Availability, Reliability and Security, Vienna Austria, pp. 43–50 (2011)

    Google Scholar 

  8. Convery, S.: Network Authentication, Authorization, and Accounting Part One: Concepts, Elements, and Approaches. The Internet Protocol Journal 10, 2–11 (2007)

    Google Scholar 

  9. Lloyd, B., Simpson, W.: PPP Authentication Protocols. RFC Editor (1992)

    Google Scholar 

  10. Simpson, W.: PPP Challenge Handshake Authentication Protocol (CHAP). RFC Editor (1996)

    Google Scholar 

  11. Canetti, R.: Universally Composable Signature, Certification, and Authentication. In: Proceedings of the 17th IEEE Workshop on Computer Security Foundations, p. 219. IEEE Computer Society (2004)

    Google Scholar 

  12. Haller, N.: The S/KEY One-Time Password System. In: Internet Society Symposium on Network and Distributed Systems, pp. 151–157 (1994)

    Google Scholar 

  13. Rubin, A.D.: Independent one-time passwords. In: Proceedings of the 5th Conference on USENIX UNIX Security Symposium, vol. 5, p. 15. USENIX Association, Salt Lake City (1995)

    Google Scholar 

  14. Brooks, C.: Amazon adds onetime password token to entice the wary. SearchCloudComputing (2009)

    Google Scholar 

  15. http://silicontrust.wordpress.com/2011/03/04/bioid-announces-worlds-first-biometric-authentication-as-a-service-baas/

  16. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, Soongsil University, Sangdo-Dong Dongjak-Gu, 156-743, Seoul, Korea

    Kok-Seng Wong & Myung Ho Kim

Authors
  1. Kok-Seng Wong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Myung Ho Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Empire State College, Long Island Center, State University of New York, 11788, NY, U.S.A.

    Ivan I. Ivanov

  2. University of Twente, Enschede, The Netherlands

    Marten van Sinderen

  3. Institute of Architecture of Application Systems, University of Stuttgart, Universittsstraße 38, 70569, Stuttgart, Germany

    Frank Leymann

  4. CTS, Charlotte, NC, USA

    Tony Shan

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Wong, KS., Kim, M.H. (2013). Secure Biometric-Based Authentication for Cloud Computing. In: Ivanov, I.I., van Sinderen, M., Leymann, F., Shan, T. (eds) Cloud Computing and Services Science. CLOSER 2012. Communications in Computer and Information Science, vol 367. Springer, Cham. https://doi.org/10.1007/978-3-319-04519-1_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-04519-1_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04518-4

  • Online ISBN: 978-3-319-04519-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation